BroadPWN

Recently, the Black Hat Briefings and DEF CON Hacking Conference both took place in Las Vegas, Nevada. Both annual conferences bring together different sector leaders to discuss emerging cybersecurity issues. Over the coming weeks, Accellis will dive deeper into conference findings and how new insights will affect the cybersecurity landscape.

BroadPWN

BroadPWN, a new critical vulnerability, surfaced during the recent Black Hat event. Nitay Artenstein, a security researcher, demonstrated a proof-of-concept (POC) at Black Hat that can remotely hack and take full control of smartphones. BroadPWN exploits a vulnerability in a smartphone’s wireless chip.

All smartphones today (both iPhone and Android) use Broadcom-manufactured wireless chips that allow them to connect to wireless networks. This vulnerability enables an attacker to gain full access to a victim’s smartphone. Essentially, an attacker sends specially crafted wireless packets to the victim’s phone. Once the phone receives such a packet, the vulnerability is triggered and the attacker can rewrite the Broadcom firmware. With a few more lines of code added to the firmware, the attacker can then gain full control of the device.

The BroadPWN POC demonstration also showed that a worm (self-replicating malware) was developed. With this worm, the attacker only has to infect ONE smartphone and can then sit back while the worm does the rest of the work: it repeats the attack against any other vulnerable smartphone.

This vulnerability requires no user interaction (no link to click, no email attachment to open), which makes any smartphone owner susceptible to an attack. A smartphone owner could have an infected phone without even knowing it.

Next Steps

This vulnerability only affects smartphones, since laptops and desktops use different wireless hardware. Desktop operating systems also have more protections in place to help combat vulnerabilities. Apple and Google have both released patches to fix this issue. All Apple phones, iPhone 5 and up, should be on iOS 10.3.3. Google has released its July 2017 security update to combat the vulnerability. Going forward, the best way to prevent this or any similar attack is to ALWAYS keep your smartphone up to date and to avoid joining open public Wi-Fi networks, such as those at Starbucks and your local airport.